mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 12:05:37 +00:00
FIX updateValidatePassword calls need to be masked from backtraces
This commit is contained in:
parent
ab942c9290
commit
e37b3b95f4
@ -45,6 +45,7 @@ class Backtrace
|
|||||||
array('SilverStripe\\Security\\PasswordEncryptor_MySQLOldPassword', 'salt'),
|
array('SilverStripe\\Security\\PasswordEncryptor_MySQLOldPassword', 'salt'),
|
||||||
array('SilverStripe\\Security\\PasswordEncryptor_Blowfish', 'encrypt'),
|
array('SilverStripe\\Security\\PasswordEncryptor_Blowfish', 'encrypt'),
|
||||||
array('SilverStripe\\Security\\PasswordEncryptor_Blowfish', 'salt'),
|
array('SilverStripe\\Security\\PasswordEncryptor_Blowfish', 'salt'),
|
||||||
|
array('*', 'updateValidatePassword'),
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -106,7 +107,10 @@ class Backtrace
|
|||||||
$match = false;
|
$match = false;
|
||||||
if (!empty($bt[$i]['class'])) {
|
if (!empty($bt[$i]['class'])) {
|
||||||
foreach ($ignoredArgs as $fnSpec) {
|
foreach ($ignoredArgs as $fnSpec) {
|
||||||
if (is_array($fnSpec) && $bt[$i]['class'] == $fnSpec[0] && $bt[$i]['function'] == $fnSpec[1]) {
|
if (is_array($fnSpec) &&
|
||||||
|
('*' == $fnSpec[0] || $bt[$i]['class'] == $fnSpec[0]) &&
|
||||||
|
$bt[$i]['function'] == $fnSpec[1]
|
||||||
|
) {
|
||||||
$match = true;
|
$match = true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -68,4 +68,45 @@ class BacktraceTest extends SapphireTest
|
|||||||
$this->assertEquals('<filtered>', $filtered[1]['args']['password'], 'Filters class functions');
|
$this->assertEquals('<filtered>', $filtered[1]['args']['password'], 'Filters class functions');
|
||||||
$this->assertEquals('myval', $filtered[2]['args']['myarg'], 'Doesnt filter other functions');
|
$this->assertEquals('myval', $filtered[2]['args']['myarg'], 'Doesnt filter other functions');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testFilteredWildCard()
|
||||||
|
{
|
||||||
|
$bt = array(
|
||||||
|
array(
|
||||||
|
'type' => '->',
|
||||||
|
'file' => 'MyFile.php',
|
||||||
|
'line' => 99,
|
||||||
|
'function' => 'myIgnoredGlobalFunction',
|
||||||
|
'args' => array('password' => 'secred',)
|
||||||
|
),
|
||||||
|
array(
|
||||||
|
'class' => 'MyClass',
|
||||||
|
'type' => '->',
|
||||||
|
'file' => 'MyFile.php',
|
||||||
|
'line' => 99,
|
||||||
|
'function' => 'myIgnoredClassFunction',
|
||||||
|
'args' => array('password' => 'secred',)
|
||||||
|
),
|
||||||
|
array(
|
||||||
|
'class' => 'MyClass',
|
||||||
|
'type' => '->',
|
||||||
|
'file' => 'MyFile.php',
|
||||||
|
'line' => 99,
|
||||||
|
'function' => 'myFunction',
|
||||||
|
'args' => array('myarg' => 'myval')
|
||||||
|
)
|
||||||
|
);
|
||||||
|
Backtrace::config()->update(
|
||||||
|
'ignore_function_args',
|
||||||
|
array(
|
||||||
|
array('*', 'myIgnoredClassFunction'),
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
$filtered = Backtrace::filter_backtrace($bt);
|
||||||
|
|
||||||
|
$this->assertEquals('secred', $filtered[0]['args']['password']);
|
||||||
|
$this->assertEquals('<filtered>', $filtered[1]['args']['password']);
|
||||||
|
$this->assertEquals('myval', $filtered[2]['args']['myarg']);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user